A new security vulnerability has been discovered: the clickety clack of the keyboard.

An audio recording of an individual's typing can be transposed into a transcript of what was typed, according to researchers with the University of California, Berkeley. The technique works because each key makes a distinct sound when hit, and users, who typically type about 300 characters a minute, leave enough time between keystrokes for a computer to isolate the individual sounds.

The researchers were able to take several 10-minute sound recordings of users typing at a , feed the audio into a computer, and use an algorithm to recover up to 96 percent of the characters entered.

Related story

The technique worked when music or cell phone ringing jangled in the background--and even on so-called quiet keyboards with off-the-shelf recording equipment.

While any sort of typed documents could be pilfered through this technique, the study underscores the vulnerability of passwords, said Doug Tygar, a UC Berkeley professor of computer science and information management, and a principal investigator of the study.

"Passwords are a mechanism for authentication that really need to be rethought," he said. "This is not an esoteric attack. It requires some knowledge of computer science, but it can be done using many components that are freely available...We used $10 microphones."

The work builds on research conducted by IBM's Dmitri Asonov and Rakesh Agrawal that showed how 80 percent of text typed could be recovered from keyboard recordings. Those experiments, however, were tightly controlled.

The results of their findings will be presented Nov. 10 at the Association for Computing Machinery Conference in Alexandria, Va.

The UC Berkeley technique relies on probabilistic computing techniques that underlie search engines. The computer categorizes the sound of each key and takes an educated guess about the character or word that was written. The computer uses both the sound of the keystroke and linguistic conventions to interpret a keystroke as an E after TH rather than a Q when the sound is similar--to come to a conclusion.

The first pass is right about 60 percent of the time for characters and 20 percent of the time for entire words. The transcript is then run through spelling and grammar checks, which increased character accuracy to 70 percent and the word accuracy to 50 percent.

The results are then fed back through the computer to refine future results. After three feedback cycles, the accuracy rate rose to 88 percent for words and 96 percent for characters.

Further experiments will take place. The researchers didn't examine what happens when the Shift, Control, Delete or Caps Lock keys are hit. Mouse actions also raise a major problem.